From 12d5189e95569dec791f7d1453adad3225a1aa15 Mon Sep 17 00:00:00 2001 From: Min RK Date: Wed, 1 Jun 2016 11:01:48 +0200 Subject: [PATCH] remove discussion of IPython profiles from notebook signatures docs --- docs/source/security.rst | 23 +++++++---------------- 1 file changed, 7 insertions(+), 16 deletions(-) diff --git a/docs/source/security.rst b/docs/source/security.rst index c23bfb886..5a81cfddc 100644 --- a/docs/source/security.rst +++ b/docs/source/security.rst @@ -45,15 +45,13 @@ the question "Did the current user do this?" This signature is a digest of the notebooks contents plus a secret key, known only to the user. The secret key is a user-only readable file in -the Jupyter profile's security directory. By default, this is:: +the Jupyter data directory. By default, this is:: - ~/.jupyter/profile_default/security/notebook_secret -.. note:: + ~/.local/share/jupyter/notebook_secret # linux + ~/Library/Jupyter/notebook_secret # OS X + %APPDATA%/jupyter/notebook_secret # Windows - The notebook secret being stored in the profile means that - loading a notebook in another profile results in it being untrusted, - unless you copy or symlink the notebook secret to share it across profiles. When a notebook is opened by a user, the server computes a signature with the user's key, and compares it with the signature stored in the @@ -135,20 +133,13 @@ in an untrusted state. There are three basic approaches to this: - re-run notebooks when you get them (not always viable) - explicitly trust notebooks via ``jupyter trust`` or the notebook menu (annoying, but easy) -- share a notebook secret, and use a Jupyter profile dedicated to the +- share a notebook secret, and use configuration dedicated to the collaboration while working on the project. -Multiple profiles or machines -***************************** - -Since the notebook secret is stored in a profile directory by default, -opening a notebook with a different profile or on a different machine -will result in a different key, and thus be untrusted. The only current -way to address this is by sharing the notebook secret. This can be -facilitated by setting the configurable: +When sharing a notebook secret across configurations, you can use .. sourcecode:: python c.NotebookApp.secret_file = "/path/to/notebook_secret" -in each profile, and only sharing the secret once per machine. +to specify a non-default path to the secret file.